Thanks for the video. Quick tip: Keep the zoom-in, zoom-out to a minimum. Makes it really difficult to see which page you're on when skipping back and forth to catch up/rewind when doing it on your own computer.
Your videos finally helped me setup my wireguard after countless tries using other guides and I appreciate the update with the new peer generator! Keep it up!!
I tried like million times to set WG server on my OPNsense. All failed miserably. So now I have WG but behind firewall. I will give ... one more try as I see that in your tutorial there are few other things. I shall let you know if I am a good student (and your good teacher). ;)
@@sysadmin102 BLOODY HELLLLLL!!!!!! WORKING LIKE A CHARM FROM FIRST TRY!!! Believe me, I tried many "gurus" here on YT - you are the first one I succeeded ;-) Thanks so much!
Do you even have to use the Port Forwarding feature in order to open the port if you don't have a static public IP address ? Mine's not working if missing that step even thought I'd used the DDNS on my setting. And will the clients also get access to the internet besides internal resources ? On the other hand, great work, the whole video was very carefully made and edited.
The rules added allowing WAN connection to reach the VPN Server through the default port. DDNS is only to keep your public IP updated. Yes, if you follow my setup, the client will have access to internet as well.
Under Step 6 Interface Assignment, why wouldn't you set up an subnet and gateway (like 10.3.2.1/32) under IPv4 section? And under Step 2, why wouldn't you use 10.3.2.1/24 instead under tunnel ling address? you used 10.3.2.0/24. Why didn't you create a DHCPv4 under "Services" to hand out IPs for the wireguard subnet? Thanks a lot!
/32 (or subnet mask of 255.255.255.255) refers to a single host (gateway in this case). 10.3.2.1 - 10.3.2.254 are useable IPs within 10.3.2.0/24 subnet address. Wireguard doesn't support DHCP, at least at the time this tutorial was recorded.
@@starfoxBR77 for WG you mean? true, but, you just make the config file (like the author of this video nicely showed), send it to the phone, import it and... voila. There is actually NOTHING to thinker there - ON or OFF ;-)
It’s doable if you have static IP, if you don’t then DDNS is required. It’s only $10/years or you can use some free DDNS, just you won’t get the name you wanted.
I do have a static IP I have 1 server in an data center with 30 static IPS and 1 server at home I wanna make an VPN tunnel so the server at home with dynamic IP uses the IPS from the data center for hosting but I fail to find a way to do it :(
@@grxkas5552 then you can replace the DDNS with static IP anywhere I mentioned DDNS. A DDNS only used to update your IP for routing due to DHCP can assign a different IP address over time.
Bro I appreciate you trying to help but you speak to slow and chopped up. Work on trying to be cleared when speaking. English may not be your first language but you are hard to listen to. Just constructive criticism. Peace
I get this error message and the Wireguard does not work. (OPNsense 24.1.6-amd64) wireguard /usr/local/opnsense/scripts/Wireguard/wg-service-control.php: The command `/sbin/ifconfig 'bridge0' addm 'wg0'' failed to execute
@@sysadmin102 24.1.7_4 Many thanks for the info, The tunnel is in place, but I can't ping anywhere. ping general error !!!! there is still a worm in there somewhere wireguard instance WG (wg0) started /usr/local/opnsense/scripts/Wireguard/wg-service-control.php: ROUTING: entering configure using 'opt3'
os-wireguard has been integrated to core. You can skip the plugin installation step.
Thanks for the video. Quick tip: Keep the zoom-in, zoom-out to a minimum. Makes it really difficult to see which page you're on when skipping back and forth to catch up/rewind when doing it on your own computer.
Thanks for the feedback!
Your videos finally helped me setup my wireguard after countless tries using other guides and I appreciate the update with the new peer generator! Keep it up!!
Glad I could help
Dude! Thanks! 🙏🏼 I always get confused with setting up wg. This was amazing.
Any time!
I tried like million times to set WG server on my OPNsense. All failed miserably. So now I have WG but behind firewall. I will give ... one more try as I see that in your tutorial there are few other things. I shall let you know if I am a good student (and your good teacher). ;)
Most people missed firewall rules/NAT rules or create interface to skip settings NAT rules
@@sysadmin102 BLOODY HELLLLLL!!!!!! WORKING LIKE A CHARM FROM FIRST TRY!!! Believe me, I tried many "gurus" here on YT - you are the first one I succeeded ;-) Thanks so much!
Your welcome!
Great work!!!! perfect my friend!!!
Do you even have to use the Port Forwarding feature in order to open the port if you don't have a static public IP address ?
Mine's not working if missing that step even thought I'd used the DDNS on my setting.
And will the clients also get access to the internet besides internal resources ?
On the other hand, great work, the whole video was very carefully made and edited.
The rules added allowing WAN connection to reach the VPN Server through the default port. DDNS is only to keep your public IP updated. Yes, if you follow my setup, the client will have access to internet as well.
Under Step 6 Interface Assignment, why wouldn't you set up an subnet and gateway (like 10.3.2.1/32) under IPv4 section? And under Step 2, why wouldn't you use 10.3.2.1/24 instead under tunnel ling address? you used 10.3.2.0/24. Why didn't you create a DHCPv4 under "Services" to hand out IPs for the wireguard subnet? Thanks a lot!
/32 (or subnet mask of 255.255.255.255) refers to a single host (gateway in this case). 10.3.2.1 - 10.3.2.254 are useable IPs within 10.3.2.0/24 subnet address. Wireguard doesn't support DHCP, at least at the time this tutorial was recorded.
Thank you...can you do a Wireguard S2S video on OPNsense?
I’m currently busy with other projects, but it’s on the list.
2:11 I like to avoid this completely by using IPv6 ULA addresses with a random /48 prefix :)
Whatever works for you, my friend. I only give the general guidance, the choice is always your.
Thank you. Last week I cold set ZeroTier working perfectly. Am I missing anything by not using wire guard?
Never use ZeroTier before, so I can’t tell if you’re missing anything
@@sysadmin102 Thanks!
yes, privacy, ZeroTier uses closed source controlled and not in your possession right? ;)
@@zyghom Ohhhh. Okok. That's a good point. I will reconsider Wireguard then! Shame that de Android app is so basic and no intuitive. Tks
@@starfoxBR77 for WG you mean? true, but, you just make the config file (like the author of this video nicely showed), send it to the phone, import it and... voila. There is actually NOTHING to thinker there - ON or OFF ;-)
can you please make a video on how to set up wireguard to route all internet traffic via pia vpn on opnsense pls
I will at a near future as I do not use PIA VPN.
@sysadmin102 thank you, if it mullard vpn .. that works too..
wireguard is not a thing anymore? i cant find the plugin
They removed it from time to time. Wireguard is still experimental on OPNSENSE.
@@sysadmin102for those who dont have a DDNS is it still doable? i wnet over your vid 50 times i still dont find the answer
It’s doable if you have static IP, if you don’t then DDNS is required. It’s only $10/years or you can use some free DDNS, just you won’t get the name you wanted.
I do have a static IP
I have 1 server in an data center with 30 static IPS and 1 server at home I wanna make an VPN tunnel so the server at home with dynamic IP uses the IPS from the data center for hosting but I fail to find a way to do it :(
@@grxkas5552 then you can replace the DDNS with static IP anywhere I mentioned DDNS. A DDNS only used to update your IP for routing due to DHCP can assign a different IP address over time.
Need a home setup....
Meaning?
@@sysadmin102 opnsense / vpn setup for whole home network.
Unless you paid for a dedicated IP. It's annoying to get blocked from many site with the shared VPN IP.
Bro I appreciate you trying to help but you speak to slow and chopped up. Work on trying to be cleared when speaking. English may not be your first language but you are hard to listen to. Just constructive criticism. Peace
Appreciate the feedback.
I understood every word.... Ignorant
@@Gaming-Overlord The language is clear and understandable. But his voice is low. Need a better mic for sure
Definitely had no issues with the language. It’s easy to understand.
I get this error message and the Wireguard does not work. (OPNsense 24.1.6-amd64)
wireguard /usr/local/opnsense/scripts/Wireguard/wg-service-control.php: The command `/sbin/ifconfig 'bridge0' addm 'wg0'' failed to execute
Upgrade to 24.1.7 and see if that fix the issue.
@@sysadmin102
24.1.7_4
Many thanks for the info, The tunnel is in place, but I can't ping anywhere.
ping general error !!!!
there is still a worm in there somewhere
wireguard instance WG (wg0) started
/usr/local/opnsense/scripts/Wireguard/wg-service-control.php: ROUTING: entering configure using 'opt3'
Hey add you sysadmin102 logo to the dashboard!
Why?
@@sysadmin102 Soits there as branding during any of your videos